1. Field of the Invention
The present invention relates to the field of programmable logic core designs, and in particular to a method and structure for incorporating a hidden identification marker in register-based cores.
2. Discussion of Related Art
Due to advancing semiconductor processing technology, integrated circuits have greatly increased in functionality and complexity. For example, programmable devices such as field programmable gate arrays (FPGAs) and programmable logic devices (PLDs) can incorporate ever-increasing numbers of functional blocks and more flexible interconnect structures to provide greater functionality and flexibility.
FIG. 1 is a simplified schematic diagram of a conventional FPGA 110. FPGA 110 includes user logic circuits such as input/output blocks (IOBs), configurable logic blocks (CLBs), and a programmable interconnect 130, which contains programmable switch matrices (PSMs). Each IOB and CLB can be configured through a configuration port 120 to perform a variety of functions. Programmable interconnect 130 can be configured to provide electrical connections between the various CLBs and IOBs by configuring the PSMs and other programmable interconnection points (PIPs, not shown) through configuration port 120. Typically, the IOBs can be configured to drive output signals or to receive input signals from various pins (not shown) of FPGA 110.
FPGA 110 is illustrated with 16 CLBs, 16 IOBs, and 9 PSMs for clarity only. Actual FPGAs may contain thousands of CLBs, IOBs, and PSMs. The ratio of the number of CLBs, IOBs, and PSMs can also vary.
FPGA 110 also includes dedicated configuration logic circuits to program the user logic circuits. specifically, each CLB, IOB, PSM, and PIP contains a configuration memory (not shown) that must be configured before each CLB, IOB, PSM, or PIP can perform a specified function. Typically, the configuration memories within an FPGA use static random access memory (SRAM) cells. The configuration memories of FPGA 110 are connected to configuration port 120 through a configuration structure (not shown) and a configuration access port (CAP) 125. Configuration port 120 (a set of pins used during the configuration process) provides an interface for external configuration devices to program the FPGA. The configuration memory is typically arranged in rows and columns. The columns are loaded from a frame register (part of the configuration structure referenced above), which is in turn sequentially loaded from one or more sequential bitstreams. In FPGA 110, configuration access port 125 is essentially a bus access point that provides access from configuration port 120 to the configuration structure of FPGA 110.
FIG. 2 illustrates a conventional structure used to configure FPGA 110. Specifically, FPGA 110 is coupled to a configuration device 230 such as a serial programmable read only memory (SPROM), an electrically programmable read only memory (EPROM), or a microprocessor. Configuration port 120 receives configuration data, usually in the form of a configuration bitstream, from configuration device 230. Configuration data from configuration device 230 is transferred serially to FPGA 110 through a configuration data input pin or pins (not shown) in configuration port 120. Specific examples for configuring various FPGAs can be found on pages 6-60 to 6-68 of xe2x80x9cThe Programmable Logic Data Book 1999xe2x80x9d (hereinafter xe2x80x9cThe Xilinx 1999 Data Bookxe2x80x9d), published in March, 1999 by Xilinx, Inc., and available from Xilinx, Inc., 2100 Logic Drive, San Jose, Calif. 95124. Additional methods to program FPGAs are described by Lawman in commonly assigned U.S. Pat. No. 6,028,445 entitled xe2x80x9cDECODER STRUCTURE AND METHOD FOR FPGA CONFIGURATIONxe2x80x9d by Gary R. Lawman.
Note that as the differences between logic classifications have begun to blur, the traditional designators for the various classifications have become less meaningful. For example, many FPGAs now include hardwired circuitry and enhanced routing capabilities formerly reserved to ASICs, while many ASICs have begun to incorporate FPGA-like reprogrammable elements. Furthermore, design data can now be readily translated between different logic types, making implementation, say, of a FPGA design in an ASIC a relatively straightforward process. Therefore, for the purposes of the present invention, the term xe2x80x9cregister-based programmable logic devicexe2x80x9d will be used to denote all logic that includes memory elements, such FPGAs and ASICs, among others.
To simplify the design process and shorten the design cycle for register-based programmable logic devices, many vendors provide predefined cores (sometimes referred to as intellectual property, or IP). A core is simply a specific set of configuration information that implements a particular system function, such as a PCI bus or a digital signal processing algorithm. A core (or cores) can then be incorporated by a user of the register-based programmable logic into the user""s own design file. The user benefits from the core because the user does not need to spend the time or resources to develop the complex logic included in the core. Further, since the vendor profits from selling the same core to many users, the vendor can spend the time and resources to design optimized cores. For example, the vendor can strive to provide cores having high performance, flexibility, and low gate count.
However, the very convenience afforded by these cores makes them susceptible to unauthorized appropriation by unlicensed users. Various methods have been suggested to minimize the chances of programmable logic design data piracy. For example, it has been proposed that FPGAs include embedded decryption circuits to decrypt encrypted cores. Alternatively, encrypted cores are decrypted prior to creation of the configuration bitstream. Both of these methods are described by Burnham et al. in commonly assigned, co-pending U.S. patent application Ser. No. 09/232,022, entitled xe2x80x9cMETHODS TO SECURELY CONFIGURE AN FPGA TO ACCEPT SELECTED MACROSxe2x80x9d by James L. Burnham, Gary R. Lawman, and Joseph D. Linoff, which is referenced above. It has also been proposed that the configuration data stored in configuration device 230 be marked with markers, also known as watermarks. This method is described in U.S. patent application Ser. No. 09/513,230, filed on Feb. 24, 2000, and entitled xe2x80x9cWATERMARKING FPGA CONFIGURATION DATAxe2x80x9d by James L. Burnham.
However, in many instances, the configuration data or device for a product will not be readily available. The actual device, or core implementation, may be in a non-reprogrammable form, making configuration data analysis difficult. Therefore, it is desirable to provide some other means of identifying misappropriated IP. Hence, there is a need for a method to watermark the actual product created from a set of configuration data.
The present invention provides a method for concealing an identifier in a core design by xe2x80x9chidingxe2x80x9d the identifier in a location that is inaccessible during normal operation of the core implementation. xe2x80x9cNormal operationxe2x80x9d refers to the operation of the core implementation to perform the function for which it is intended. Access to the identifier requires a predefined unlock operation that is known only to those who would need to check the source of a particular programmable logic design. For example, it would be undesirable for the unlock operation to be described in the standard literature or documentation for the core (or associated core implementation), since an unauthorized copyist would then be able to detect and remove/change this identification information. Therefore, the unlock operation would typically be known only to the original core designers, thereby allowing those original designers to check the originality of any suspicious competitive products.
The unlock operation is selected to be an action sequence (i.e., a single action or multiple actions) that would typically not be performed during normal operation of the core implementation. Furthermore, the logic associated with providing the hidden identifier in response to the unlock operation is configured to not interfere with normal operation of the core implementation. Therefore, the presence of this source identification capability is transparent to regular users (and unauthorized copyists) of the core implementation.
A register-based programmable logic device in accordance with an embodiment of the present invention includes a register that returns a secondary identifier only when an unlock operation is performed. At all other times, the register behaves as would be expected for the core implementation in which it is incorporated. The register can be any memory location within the core implementation. A detector circuit replaces the output of the register with the secondary identifier in response to the unlock operation. In accordance with an embodiment of the present invention, the replacement involves storing the secondary identifier in the register. In accordance with another embodiment of the present invention, the replacement involves intercepting the output of the register and substituting the secondary identifier. The availability of the secondary identifier can be limited in duration to minimize the chances of accidental, or even intentional, discovery. According to an embodiment of the present invention, any read operation to a register other than the selected register (i.e., the register from which the secondary identifier can be read) resets the selected register, thereby cutting off access to the secondary identifier.
The unlock operation can comprise any defined action or set of actions. According to an embodiment of the present invention, the unlock operation comprises writing a specific data value to a specific register. According to another embodiment of the present invention, the unlock operation comprises performing a specified sequence of read and write operations to various registers.
The present invention will be more fully understood in view of the following description and drawings.